Editing your ISP Account Details

[Ankit Fadia <ankit () BOL NET IN>]

I don't know whether this has come up earlier or not. But recently, I
discovered a security loophole exisiting in Netscape Enterprise (Atleast,
haven't tested on other OS's.) which allows any person having an account on
that server to edit account details like Contact Information etc, even if
the sysadmin does not want normal users to do so. This can lead to
disastorous results, when applied to ISP's running the affected Operating
Systems. This would mean that people can commit crimes, change their contact
details in their ISP Database and get away scott free, as the contact
details do not lead to the actual culprits. I would like to get your
feedback on this issue and correct me wherever, I have gone wrong. I have
attached the entire process for you to see.
Have a Nice Day,
Ankit Fadia
Founder, Hacking Truths
http://hackingtruths.box.sk